With a significant growing number of smart phones and applications, malware writers frequently download popular applications and repackage them with malware. These “repackaged” applications are then made available online and/or in applications stores. Such repackaged applications may be detected based on binary analysis. However, such computational intensive detection technique requires access to the binary data of the original application as well as that of the suspected repackaged application. However, this solution does not scale well, considering the thousands of applications that are available, and there is no way to tell which devices are infected by such malware without access to the codes running on each device.